<?php
/**
 * TestGuest Version1.0
 * ================================================
 * Copy 2017-2018 zxj
 * Web: http://www.zhaoxiaojie.club
 * ================================================
 * Author: Zxj
 * Date: 17/8/15
 * Time: 下午3:01
 *
 * 接收登录请求,验证登录!
 *
 */
//1.开启session
session_start();
//2.引入核心文件
include 'common/mysql.inc.php';
include 'common/function.inc.php';

//var_dump($_POST);

 if(!isset($_POST['act'])||($_POST['act']!='login')){

     $data['status'] = 0;
     $data['msg'] = '参数有误!';
     echo json_encode($data);
     exit();

 }

  //接收数据并过滤
    $username = _guo_lv_ajax($_POST['username']);
    $password = _guo_lv_ajax($_POST['password']);
    $code = _guo_lv_ajax($_POST['code']);

  //判断验证码
    if(strtolower($code)!=(strtolower($_SESSION['code']))){

        $data['status'] = 0;
        $data['msg'] = '验证码不正确!';
        echo json_encode($data);
        exit();

    }

    $password = md5($password);

    //查询数据库中密码
    $sql = "select * from bbs_pro_user WHERE username ='$username' limit 1";
    $res = mysql_query($sql);
    $data = mysql_fetch_assoc($res);
    if(empty($data)){


        $data['status'] = 0;
        $data['msg'] = '该用户不存在!';
        echo json_encode($data);
        exit();

    }

    if($data['password']!=$password){

        $data['status'] = 0;
        $data['msg'] = '用户名或密码错误!';
        echo json_encode($data);
        exit();

    }

    if($data['password']===$password){

        $data['status'] = 1;
        $data['msg'] = '登录成功!';
        //把信息存入session
        $_SESSION['pro_username'] = $data['username'];

        echo json_encode($data);
        exit();

    }


?>